Rows between big powers over cyber security have made headlines in the past few days, after US agencies, media and politicians came forward one after another to allege China’s PLA operates a so-called cyber force. In response, China denounced the allegation and presented facts to prove that the United States has been constantly launching cyber attacks against China. The United States has suddenly taken to sow distrust among countries, especially the leading powers in the world in the field of cyber security, a move that will prove to be destructive to global efforts in cyber security maintenance and to the global cyber environment.
Through its practice, the United States has not only made new enemies, but also polarized the global attitude toward security matters. A review of various US documents on strategic matters has revealed the omnipresence of such an erroneous mentality embraced by the United States on security matters. As a first step, the United States has listed some countries as its national enemies in its documents on cyber security strategies and grouped the countries operating in the cyber world into allies, neutral states and potential enemies. It has also taken the lead to create a force specializing in cyber operations. Initiated by the United States and followed by other countries, this erroneous security mentality has come to reign across the globe, an easily foreseeable result. For example, suppose a certain country is listed by the United States as a potential enemy in its cyber strategy, this country will surely start to study the US capabilities in cyber wars, imitate its model of operations, and develop countermeasures.
It was also the United States that first introduced the concept of deterrence into the cyber world. By making strategic enemies, the United States has not only soured state relations, but also shaken the foundation for transnational cooperation in the field of cyber security. Moreover, it has embroidered cyber warfare into its organizational and operational strategies, a move that has broken the peace of the cyber world from a state height and deviated from the goal of using cyberspace as a tool for economic development. Its inception of cyber warfare deterrence and strive for absolute superiority in this field, meanwhile, has, in practice, started an arms race in the cyber world, setting a bad example that hinders global progress in the field of cyber security.
Global and borderless, cyberspace is a field where security can hardly be secured through deterrence, a measure primarily employed by the United States during the Cold War to support its military security strategies. During the era of the nuclear arms race, mutual deterrence remained a top concern of rival countries. In the same way, the offense-and-defense game of cyber deterrence will only lead other countries to improve their offensive and defensive cyber skills, as the United States tries to secure absolute security.
Dr. Hamadoun Touré, Secretary General of the U.N. International Telecommunications Unions, once stated, “We need to have an international framework to make cyberspace peaceful. People who think they are secure don’t want anyone else to talk about it. I say there is no online superpower.” With the diffusion and popularization of technology, no hegemon can hope to permanently keep its unilateral superiority in cyberspace.
Global cyber security can be secured through unity, trust and understanding between the governments of all countries in the world. Since major powers shoulder a greater responsibility over the creation of a cyber security culture, cultivation of cyber security mentalities, and formulation of cyber security standards and codes of conduct in our present-day era of globalization, the United States should do away with its current cyber deterrence mentality on cyber security that has been based on its Cold War mentality and totally gone out of date. In 2011, China, Russia, Tajikistan and Uzbekistan submitted the International Code of Conduct for Inormation Security to the United Nations General Assembly, the first comprehensive document of its kind, which proposed the following principles concerning cyber security:
* Compliance with the UN Charter by all members, and respect to each other’s sovereignty, territorial integrity, and political independence.
* No use of information or telecom technologies to conduct hostile behaviors.
* Enjoyment by all countries of the right to protect the safety of their cyber spaces.
* Freedom of cyberspace.
* No attempt to weaken the independent control of other countries over information technology by taking advance of one’s superiority in resources, key equipment or core technologies.
* Creation of a multilateral, transparent and democratic international Internet governance mechanism.
* Cooperation in the crackdown of cyber crimes and cyber terrorism.
Articulating its explicit objection to the idea of cyber war and the use of information or telecom technologies to conduct hostile behaviors, this Code of Conduct both reflects the national norms advocated by the submitting states and highlighted their security concepts in terms of global cyberspace interests. As a result, the world’s major powers should take the lead and promise not to use information technology as a weapon or cyber space as a battlefield.
In order to dismiss the deterrence mentality set, major powers must contemplate how to secure global cyber security through international cooperation, the creation of legal mechanisms, and the adoption of pertinent technological measures. The role of the United Nations and other international organizations should also be brought into full play, and inter-governmental trust should be promoted to serve as the basis of international cooperation. Although the United States has set a bad example, it is the responsibility of all countries to give up all attempts of deterrence, instead embracing global collective security in cyberspace.
Yang Jian is vice-president of the Shanghai Institutes for International Studies.